NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
Archived TD0364:  Android mmap testing for FPT_AEX_EXT.1.1

Publication Date
2018.10.09

Protection Profiles
PP_APP_v1.2

Other References
FPT_AEX_EXT.1.1

Issue Description

Android tests are written in such a way that requires the device to be rooted. It is possible for one of the two devices to sense the rooting and fix itself thereby disallowing the re-root of the device.

Resolution

The evaluation activity for Android in FPT_AEX_EXT.1.1 is modified as :

For Android: The evaluator shall run the same application on two different Android devices. Both devices do not need to be evaluated, as the second device is acting only as a tool.  Connect via ADB and inspect /proc/PID/maps. Ensure the two different instances share no memory mappings made by the application at the same location.

Alternatively, the evaluator may use the same device. After collecting the first instance of mappings, the evaluator must uninstall the application, reboot the device, and reinstall the application to collect the second instance of mappings.

Justification

See issue description.

 
 
Site Map              Contact Us              Home